CNNVD-202601-3809 Information

CNNVD ID

CNNVD-202601-3809

Related CVE

CVE-2025-69764

• CNNVD Published: 2026-01-22

Description (Chinese)

Tenda Ax3是中国腾达（Tenda）公司的一款 Ax1800 千兆端口双频 Wifi 6 无线路由器。 Tenda AX3 16.03.12.11版本存在安全漏洞，该漏洞源于formGetIptv函数中对stbpvid堆栈缓冲区处理不当导致基于栈的缓冲区溢出，可能导致内存损坏和远程代码执行。

Description (English)

Tenda Ax3 is an Ax 1800 giga-port double-frequency Wifi 6 wireless router of Tenda China. 16.03.12.11 version of Tenda AX3 16.03.12.11 contains a security loophole resulting from the mishandling of the stbpvid stacked buffer zone in the FormGetIptv function, which resulted in an outburst-based buffer zone, which could lead to memory damage and remote code enforcement.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

腾达

Published

2026-01-22

Last Modified

2026-02-24

References

https://river-brow-763.notion.site/Tenda-AX3-Buffer-Overflow-in-formGetIptv-2c9a595a7aef80e9b90fdaa56f51374b https://river-brow-763.notion.site/Tenda-AX3-Buffer-Overflow-in-formGetIptv-2c9a595a7aef80e9b90fdaa56f51374b?source=copy_link https://access.redhat.com/security/cve/cve-2025-69764